Xref: utzoo news.admin:4043 news.sysadmin:1634 comp.mail.uucp:2313
Path: utzoo!attcan!uunet!husc6!cs.utexas.edu!unisec!dpw
From: dpw@unisec.usi.com (Darryl P. Wagoner)
Newsgroups: news.admin,news.sysadmin,comp.mail.uucp
Subject: Re: Dangerous hole in Usenet!
Message-ID: <1160@unisec.usi.com>
Date: 21 Nov 88 13:42:36 GMT
References: <1227@vsi1.UUCP> <117@hudson.Morgan.COM>
Reply-To: dpw@unisec.USI.COM (Darryl P. Wagoner)
Organization: UniSecure System, Round Rock, TX
Lines: 28

In article <117@hudson.Morgan.COM> frank@Morgan.COM (Frank Wortner) writes:
>In article <1227@vsi1.UUCP> lmb@vsi1.UUCP (Larry Blair) writes:
>>It has come to my attention that there is a MAJOR hole created by the way
>>many sites administer their machines.
>>[...]
>>I will send mail to anyone who is interested. I will ONLY send it to the
>>user "news" at your system.
>
>Larry (and anyone else who feels that she/he has found a "MAJOR hole" in
>the news software), I think you would do us a service if you sent your
>theory to the maintainer or author of the software involved.

I have gotten mail from Larry about this hole and what he says is true.
It is a real hole "created by many sysadmins" not by the usenet software.
Therefore it would do little good to inform Rick Adams of the problem
except he could fix his system and possibly provide a more secure program.

This is what I recommend:

Let Larry mail out the problem description to all that request it
for the next few weeks and then post the description to the net
so that everyone else is made aware of the problem.

The problem is easy to fix and/or disable without affecting the
usenet software. The bug only allows for the execution of programs
run with the news id.

--
Darryl Wagoner dpw@unisec.usi.com
UniSecure Systems, Inc.; OS/2, Just say No!
Round Rock, Tx; (512)-255-8751 (home) (512)-823-3774
UUCP: {cs.utexas!uiucuxc!bigtex!mybest}!unisec!dpw